0

I'm using a very old version of CI (2.0.2) and I'm having a problem where if I have multiple sessions in the ci_sessions table, on a redirect back to my site, it's grabbing the first session it sees instead of the one it left the site with.

I have decided to store the appropriate session ID in my db. But now when you redirect back to my site, I want to set the current session to be the one I had stored the ID for.

I see lots of things on setting the session_id, but how to I actually set the current session based on a session ID?

Ex: I can see two session records in the ci_sessions table. Say one with session_id="a" and one with session_id="b". I'm currently working in "a". When I redirect and come back, it is now on session "b" or creates "c". I want to set it back to "a", which I can see still exists in the ci_sessions table.

bjacobs
  • 401
  • 1
  • 6
  • 17
  • Sorry, no clue what you're asking here. If the session id was lost during a redirect, that should only start a new session - but not pick up a random one, unless the session implementation was totally broken, in a way that would even make it a security/privacy issue. Hard to imagine that ever was the case in such a popular framework such as CI. – CBroe Feb 24 '17 at 20:11
  • And seeing in your question history that you asked six questions that are more or less about this problem within the last week, I'd say it is even more likely that this is not CI's fault, but rather an issue with the code you have written with it. – CBroe Feb 24 '17 at 20:15
  • I've taken on legacy code that someone else wrote. I am trying to make sense of it. There is definitely issues, but I don't know if it's because it's such an old version of CI or if it was the way the last person on the project implemented it. Sometimes it starts a new session yes, and sometimes it picks up the first session in the ci_sessions table belonging to the same IP address. Either way, I need to be able to set the active session from the ci_sessions table based on a session ID. Added an example above. – bjacobs Feb 24 '17 at 20:36
  • If picking up a random existing session was a CI issue, then I'm sure that there'd be a lot bugs reports and questions about it on the net - because that would be an absolute catastrophe, and make the framework practically unusable. – CBroe Feb 24 '17 at 20:46
  • There are a lot of places where I found people reporting that multiple sessions are being created instead of updating the existing one or sessions are not updating properly on older versions of CI including here https://github.com/bcit-ci/CodeIgniter/issues/744. None of the solutions I found anywhere worked for me. Now I want to try this way. Do you know how to set a session by ID? – bjacobs Feb 24 '17 at 21:00
  • That's about issues with the passing of the session id via cookie - but that would not be a general CI issue either, but rather one of correct settings in regard to the cookie parameters and/or bugs in older browsers. – CBroe Feb 24 '17 at 21:03
  • Or here: http://stackoverflow.com/questions/2438835/codeignitor-is-generating-multiple-sessions-in-the-database-why And all of these solutions didn't work for me.. – bjacobs Feb 24 '17 at 21:18
  • That also seems to be a very insulated and special case. Just because other people have vaguely specified "session problems" with CI as well, doesn't mean it has to be the same problem as yours, and neither does it indicate a general problem. I think you'll have to do some proper debugging on your specific issue. I'd start with logging the requests in browser dev tools, and verify that the session id gets passed along with _every(!) single(!) request_. Especially redirects can cause cookie issues sometimes. – CBroe Feb 24 '17 at 21:25
  • Or maybe try switching to a different session driver, and see if that changes things. If you have IP matching set to true, try and disable that and see if the issue persists. – CBroe Feb 24 '17 at 21:28
  • sess_match_ip is false. I believe it's matching it to the first record it finds that matches user_agent. And do you mean not use a database to store sessions but use CI native sessions instead? Part of the problem is I don't quite understand how on a redirect it can find the proper session when it comes back, which is why I wanted to store the ID and set the session based on that ID when we came back. – bjacobs Feb 24 '17 at 21:48
  • _"which is why I wanted to store the ID and set the session based on that ID when we came back"_ - and how's that gonna work? You'd need some sort of unique identifier for the client, so that you can match the client to its corresponding data on the next request. Only, that already exists - that's what a session __is__. So basically, you want to wrap another session around the already existing session - and I doubt that's what one would call an actual solution to the problem. – CBroe Feb 24 '17 at 22:40
  • so one clue that might be helpful, I have multiple sessions in my ci_sessions table for my user_agent/IP. I just added something to the cart. Now I can see it updated the very first session record with the cart data, but at the same exact time, created a new blank session record. I can see my cart still says it's empty, bc my browser is showing me the newest blank session, instead of the session it's actually updating. – bjacobs Feb 24 '17 at 22:43
  • In reply to your latest comment, I was going to store the session ID in my transaction table. The request to the payment API sends and receives back the transaction ID in the callback. So I'd be able to grab the transaction record, then transaction->session_id. Then set the current session to be the one that matches that ID. – bjacobs Feb 24 '17 at 22:46

0 Answers0